diff --git a/Berksfile b/Berksfile index 2498c03..bbec996 100644 --- a/Berksfile +++ b/Berksfile @@ -4,3 +4,5 @@ metadata cookbook "openstack-common", github: "stackforge/cookbook-openstack-common" +cookbook 'openstack-identity', + github: 'stackforge/cookbook-openstack-identity' diff --git a/attributes/default.rb b/attributes/default.rb index 330a853..e862482 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -64,7 +64,7 @@ default['openstack']['bare-metal']['api']['auth']['cache_dir'] = '/var/cache/iro default['openstack']['bare-metal']['service_tenant_name'] = 'service' default['openstack']['bare-metal']['service_user'] = 'ironic' -default['openstack']['bare-metal']['service_role'] = 'service' +default['openstack']['bare-metal']['service_role'] = 'admin' default['openstack']['bare-metal']['user'] = 'ironic' default['openstack']['bare-metal']['group'] = 'ironic' diff --git a/metadata.rb b/metadata.rb index 72c6f95..d65ca5b 100644 --- a/metadata.rb +++ b/metadata.rb @@ -13,3 +13,4 @@ recipe 'openstack-bare-metal::identity_registration', 'Registers ironi recipe 'openstack-bare-metal::ironic-common', 'Defines the common pieces of repeated code from the other recipes' depends 'openstack-common', '>= 11.0.0' +depends 'openstack-identity', '>= 11.0.0' diff --git a/recipes/identity_registration.rb b/recipes/identity_registration.rb index 44007fb..3714861 100644 --- a/recipes/identity_registration.rb +++ b/recipes/identity_registration.rb @@ -75,7 +75,7 @@ openstack_identity_register 'Register Ironic bare metal Service User' do action :create_user end -openstack_identity_register 'Grant service Role to Ironic Service User for Ironic Service Tenant' do +openstack_identity_register 'Grant admin Role to Ironic Service User for Ironic Service Tenant' do auth_uri auth_uri bootstrap_token bootstrap_token tenant_name service_tenant_name diff --git a/spec/identity_registration_spec.rb b/spec/identity_registration_spec.rb new file mode 100644 index 0000000..093884f --- /dev/null +++ b/spec/identity_registration_spec.rb @@ -0,0 +1,74 @@ +# encoding: UTF-8 + +require_relative 'spec_helper' + +describe 'openstack-bare-metal::identity_registration' do + describe 'ubuntu' do + let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) } + let(:node) { runner.node } + let(:chef_run) { runner.converge(described_recipe) } + + include_context 'bare-metal-stubs' + + it 'registers service tenant' do + expect(chef_run).to create_tenant_openstack_identity_register( + 'Register Service Tenant' + ).with( + auth_uri: 'http://127.0.0.1:35357/v2.0', + bootstrap_token: 'bootstrap-token', + tenant_name: 'service', + tenant_description: 'Service Tenant' + ) + end + + it 'registers bare metal service' do + expect(chef_run).to create_service_openstack_identity_register( + 'Register Ironic bare metal Service' + ).with( + auth_uri: 'http://127.0.0.1:35357/v2.0', + bootstrap_token: 'bootstrap-token', + service_name: 'ironic', + service_type: 'baremetal', + service_description: 'Ironic bare metal provisioning service' + ) + end + + it 'registers bare metal endpoint' do + expect(chef_run).to create_endpoint_openstack_identity_register( + 'Register Ironic bare metal Endpoint' + ).with( + auth_uri: 'http://127.0.0.1:35357/v2.0', + bootstrap_token: 'bootstrap-token', + service_type: 'baremetal', + endpoint_region: 'RegionOne', + endpoint_adminurl: 'http://127.0.0.1:6385', + endpoint_internalurl: 'http://127.0.0.1:6385', + endpoint_publicurl: 'http://127.0.0.1:6385' + ) + end + + it 'registers bare metal service user' do + expect(chef_run).to create_user_openstack_identity_register( + 'Register Ironic bare metal Service User' + ).with( + auth_uri: 'http://127.0.0.1:35357/v2.0', + bootstrap_token: 'bootstrap-token', + tenant_name: 'service', + user_name: 'ironic', + user_pass: 'service_pass' + ) + end + + it 'grants admin role to service user for service tenant' do + expect(chef_run).to grant_role_openstack_identity_register( + 'Grant admin Role to Ironic Service User for Ironic Service Tenant' + ).with( + auth_uri: 'http://127.0.0.1:35357/v2.0', + bootstrap_token: 'bootstrap-token', + tenant_name: 'service', + role_name: 'admin', + user_name: 'ironic' + ) + end + end +end